mercurial 4.5.3-1ubuntu2.2 source package in Ubuntu
Changelog
mercurial (4.5.3-1ubuntu2.2) bionic-security; urgency=medium
* SECURITY UPDATE: OOB reads
- debian/patches/CVE-2018-17983.patch: fix OOB read of corrupted manifest
entry in mercurial/cext/manifest.c.
- CVE-2018-17983
* SECURITY UPDATE: Write to arbitrary files outside a repository by using
symlinks in subrepositories
- debian/patches/CVE-2019-3902-pre.patch: subrepo: extend path auditing test
to include more weird patterns (SEC)
- debian/patches/CVE-2019-3902-1.patch: subrepo: prohibit variable
expansion on creation of hg subrepo (SEC)
- debian/patches/CVE-2019-3902-3.patch: subrepo: reject potentially unsafe
subrepo paths (BC) (SEC)
- CVE-2019-3902
-- Leonidas Da Silva Barbosa <email address hidden> Fri, 01 Oct 2021 11:32:41 -0300
Upload details
- Uploaded by:
- Leonidas S. Barbosa
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- vcs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bionic | updates | universe | devel | |
| Bionic | security | universe | devel |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| mercurial_4.5.3.orig.tar.gz | 5.6 MiB | 9c4cb257ef1e59e9aba693cc285a6136f7bb4e8300f598ff50ff8b6fc77808fc |
| mercurial_4.5.3.orig.tar.gz.asc | 833 bytes | 578a21314a0ab790777c88ae4af6bab66f8cf72e94f2d09580f9dfa3197ce326 |
| mercurial_4.5.3-1ubuntu2.2.debian.tar.xz | 64.9 KiB | 5de05a51d39899d97316e42bc887f2a50ed7161316cdeda1d7a11ec813e6f85b |
| mercurial_4.5.3-1ubuntu2.2.dsc | 2.7 KiB | 13a03bd95ffbbd300d22eaf0b02bcabb145943ffeb874e37410b14c8d63ac6e7 |
Available diffs
Binary packages built by this source
- mercurial: easy-to-use, scalable distributed version control system
Mercurial is a fast, lightweight Source Control Management system designed
for efficient handling of very large distributed projects.
.
Its features include:
* O(1) delta-compressed file storage and retrieval scheme
* Complete cross-indexing of files and changesets for efficient exploration
of project history
* Robust SHA1-based integrity checking and append-only storage model
* Decentralized development model with arbitrary merging between trees
* High-speed HTTP-based network merge protocol
* Easy-to-use command-line interface
* Integrated stand-alone web interface
* Small Python codebase
.
This package contains the architecture dependent files.
- mercurial-common: easy-to-use, scalable distributed version control system (common files)
Mercurial is a fast, lightweight Source Control Management system designed
for efficient handling of very large distributed projects.
.
This package contains the architecture independent components of Mercurial,
and is generally useless without the mercurial package.
- mercurial-dbgsym: debug symbols for mercurial
